When Check Point Systems first briefed me on their new midrange UTM-1 appliance, they neglected to mention that their hardware designs were first worked out by Crossbeam Systems. Actually, it turns out that they even buy the hardware through Crossbeam. It took a comment here from Crossbeam’s Chris Hoff for me to realize the true story. Today, I connected with Paul Kaspian of Check Point to straighten things out. Here’s the scoop.

Crossbeam has two main hardware platforms – the high-end X-series and the midrange C-series. The X-series is the one with the architecture I previously praised, and about which Paul himself is “really excited.” The less remarkable C-series, however, is the one Check Point’s UTM-1 products are actually based on.

There are three UTM-1 models. Two of them use hardware that exactly duplicates Crossbeam’s C2 and C6. The most powerful of the three – the 2050 – is based on a modified C6 design. Paul isn’t 100% sure in his recollection of what the modification was, but thinks it’s probably extra RAM.

The hardware is actually manufactured by an unnamed Asian outfit. Crossbeam currently buys the boxes and resells them to Check Point. It is anticipated that this will change over time, and Check Point will take care of procuring its own boxes (from the same manufacturer). At least, that’s the plan if the Check Point and Crossbeam hardware specs significantly diverge.

The Crossbeam C-Series — and hence also the new Check Point UTM-1 – are indeed classic Type 1 appliances. The biggest difference vs. generic Dell/HP/whatever servers is the density of Ethernet ports (4-8 per box, depending on model). In particular, Check Point is very proud of the work it’s done optimizing for Intel processors.*

Notwithstanding anything above, the UTM-1 machines really are Check Point appliances. Check Point does 100% of the support, it has some administrative software pieces that are different from Crossbeam’s, etc.

*Indeed, as the focus of security processing shifts more and more to the application layer, they contend security processing is more and more like any other kind – rather than, say, low-level network processing.

What seems to be going on here is that Check Point is cannibalizing Crossbeam’s C-Series business, and Crossbeam is being gracious about giving it up while focusing on the much more differentiated and strategic X-Series. Crossbeam self-identifies as a high-end player anyway, so this all makes perfect sense. The real issue for Crossbeam going forward has little to do with whether it can squeeze a few more commodity dollars out of the midrange. Rather, it’s whether Crossbeam can hold its technical lead when the large server manufacturers finally figure out the need to create virtualization-friendly, networking-friendly, blade-based systems. The key point here is “networking-friendly”; many servers just need more data movement capability than conventional systems now provide.

Comments

Curt, thanks for your digging on this relationship between Crossbeam and Check Point. Do you happen to know what the C6 box is built from? In particular, we’ve just purchased the UTM-1 2050 (a pair of them) and I’m curious to know what the processor and design is. I presume Crossbeam revs the hardware periodically, based on sourcing parts from Intel and other vendors. Check Point makes performance claims for our boxes, but I’d like to be able to compare to off-the-shelf Intel servers so I have a better perspective on performance. We’re playing with the NGX software on little Dell boxes in the lab. Instead of pulling on the screwdriver and opening up the UUTM-1 box, are there available details on them?

Sorry, I don’t know off the top of my head. Definitely Intel multicore, given the fuss Check Point makes its their optimizations for that architecture. But that’s not exactly saying a lot you didn’t already know.